summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMartin Schanzenbach <mschanzenbach@posteo.de>2021-03-10 08:54:03 +0100
committerMartin Schanzenbach <mschanzenbach@posteo.de>2021-03-10 08:54:03 +0100
commitc54fdac500a8233599e784540ecda7e3a0f21560 (patch)
tree8242e4c0f5a610250d852223f6dada101602d263
parent0b2c0f22fa516e101874d8ee7c2cdc7113da418a (diff)
-implementation notice for our ECC
-rw-r--r--src/util/crypto_ecc.c16
1 files changed, 16 insertions, 0 deletions
diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c
index 7110a2c4d..efbf2ee17 100644
--- a/src/util/crypto_ecc.c
+++ b/src/util/crypto_ecc.c
@@ -33,6 +33,22 @@
#define EXTRA_CHECKS 0
+/**
+ * IMPLEMENTATION NOTICE:
+ *
+ * ECDSA: We use a non-standard curve for ECDSA: Ed25519.
+ * For performance reasons, we use cryptographic operations from
+ * libsodium wherever we can get away with it, even though libsodium
+ * itself does not support ECDSA.
+ * This is why the sign and verifiy functionality from libgcrypt is
+ * required and used.
+ *
+ * EdDSA: We use a standard EdDSA construction.
+ * (We still use libgcrypt for hashing and RNG, but not EC)
+ *
+ * ECDHE: For both EdDSA and ECDSA keys, we use libsodium for
+ * ECDHE due to performance benefits over libgcrypt.
+ */
/**
* Name of the curve we are using. Note that we have hard-coded